All calls to the SignalFx API require the use of an access token.
SignalFx supports two types of access tokens for working in the SignalFx API -- org tokens and session tokens.
Org tokens (called Access Tokens in the SignalFx web UI) are long-lived organization-level tokens. By default, org tokens persist for 5 years, but may be disabled earlier by an administrator of your SignalFx org. As such, they are suitable for embedding into emitters that send data points over long periods of time, or for any long-running scripts that call the SignalFx API.
An org token cannot be used for /organization/member, /organization/members, or /organization/member/:userId. These APIs require a session token (discussed below) belonging to a user with administration privileges in the SignalFx web UI.
An org token can be used anywhere else the API calls for an access token.
To view the org token for your organization, go to your profile page in the SignalFx web UI and click the Access Tokens link for your organization. A SignalFx administrator can manage org tokens for their organization on the Admin page of the SignalFx web UI.
Session tokens (called User API Access Tokens in the SignalFx web UI) are created by an authentication request from a specific user on their profile page, and can also be created and deleted via /session in the SignalFx API. A session token grants the owner of the token the same rights as the user it is bound to. Session tokens expire automatically after 30 days. If a user’s session token expires, they can generate a new token on their profile page.
A session token can be used anywhere else the API calls for an access token.